January 28, 2023

A very serious vulnerability has been discovered in a number of Cisco routers (opens in new tab) which allows threat actors to bypass authentication, gain root access to the endpoint, and even execute arbitrary commands against the underlying operating system in the second stage of the attack.

The news comes courtesy of Cisco itself, which said it would not fix the flaw, as it was discovered in endpoints that have reached end-of-life. The flaw, tracked as CVE-2023-20025, affects Cisco Small Business RV016, RV042, RV042G, and RV082 routers. By sending a custom HTTP request to the vulnerable routers’ web-based management interface, the attackers can bypass the device’s authentication and exploit it remotely.